JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.250.226.232

197.250.226.232 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 27%: ?

27%

ISP	Vodacom Tanzania Ltd
Usage Type	Fixed Line ISP
ASN	AS36908
Domain Name	vodacom.co.tz
Country	🇹🇿 Tanzania, the United Republic of
City	Dar es Salaam, Dar es Salaam Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.250.226.232

Whois 197.250.226.232

IP Abuse Reports for 197.250.226.232:

This IP address has been reported a total of 12 times from 6 distinct sources. 197.250.226.232 was first reported on December 10th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 16:57:00 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 12:56:54.320442 2026] [security2:error] [pid 11905:tid 11905] [client 197.250.226.232:9785] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.250.226.232 (+1 hits since last alert)\|36sovereignchambers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "36sovereignchambers.com"] [uri "/xmlrpc.php"] [unique_id "ajlpVivxCmH-dOB5u61kWgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 15:13:33 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 11:13:29.136210 2026] [security2:error] [pid 30776:tid 30776] [client 197.250.226.232:31008] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.250.226.232 (+1 hits since last alert)\|chickiesbeef.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "chickiesbeef.com"] [uri "/xmlrpc.php"] [unique_id "ajlRGR5vKylvaxwQkl8FQQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 08:38:22 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 04:38:14.668148 2026] [security2:error] [pid 5601:tid 5601] [client 197.250.226.232:23334] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.250.226.232 (+1 hits since last alert)\|applemaccomputerconsulting.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "applemaccomputerconsulting.com"] [uri "/xmlrpc.php"] [unique_id "ajj0dlP-lvin6ZR8y_WlnQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-05-30 15:29:37 (3 weeks ago)	(wordpress) Failed wordpress login from 197.250.226.232 (TZ/Tanzania/Dar es Salaam Region/Dar es Sal ... show more (wordpress) Failed wordpress login from 197.250.226.232 (TZ/Tanzania/Dar es Salaam Region/Dar es Salaam/-) show less	Brute-Force
🇩🇪 rh24	2026-05-30 15:28:25 (3 weeks ago)	(xmlrpc_405) XMLRPC-Bot 405 197.250.226.232 (TZ/Tanzania/-)	Hacking
🇺🇸 TPI-Abuse	2026-05-30 15:00:01 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 10:59:56.114388 2026] [security2:error] [pid 20294:tid 20294] [client 197.250.226.232:29745] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.250.226.232 (+1 hits since last alert)\|littlecreekrvranch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "littlecreekrvranch.com"] [uri "/xmlrpc.php"] [unique_id "ahr7bBU15vDZBP9NJo7CAAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-05-30 14:57:52 (3 weeks ago)	Probing websites for vulnerabilities	Web App Attack
Anonymous	2026-05-30 13:26:04 (3 weeks ago)	[ns19.kdns.gr] httpd-xmlrpc-post: sites=microtech.com.cy; logs=/var/log/httpd/domains/microtech.com. ... show more [ns19.kdns.gr] httpd-xmlrpc-post: sites=microtech.com.cy; logs=/var/log/httpd/domains/microtech.com.cy.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 09:41:36 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 05:41:29.607971 2026] [security2:error] [pid 11950:tid 11950] [client 197.250.226.232:29893] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.250.226.232 (+1 hits since last alert)\|wokedreamer.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wokedreamer.com"] [uri "/xmlrpc.php"] [unique_id "ahqwycIoJ1COcW_EDD7E2QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 05:48:18 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 197.250.226.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 01:48:12.361183 2026] [security2:error] [pid 14040:tid 14040] [client 197.250.226.232:21171] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 197.250.226.232 (+1 hits since last alert)\|roguetechhub.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "roguetechhub.com"] [uri "/xmlrpc.php"] [unique_id "ahp6HPV9s4kcJZEMNOrgegAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-01-19 03:05:22 (5 months ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/197.250.226.232	SSH
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.40.167.121

🇳🇱 192.42.116.65

🇨🇭 178.197.198.135

🇪🇸 90.162.116.66

🇳🇱 45.148.10.151

🇮🇩 36.89.252.58

🇬🇧 18.135.28.100

🇺🇸 147.185.132.218

🇺🇸 66.132.172.143

🇨🇳 60.5.185.44

🇬🇧 35.203.210.248

🇺🇸 34.224.212.193

🇺🇸 20.65.194.108

🇯🇵 8.216.9.107

🇺🇸 3.134.216.108

🇷🇴 2.57.121.25

🇩🇪 2.27.20.149

🇹🇭 202.183.141.133

🇹🇼 198.235.24.114

🇹🇷 195.33.200.58